package com.qf.interceptor;

import com.qf.exception.PermissionException;
import com.qf.pojo.User;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class PermissionInterceptor implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        //请求的路径
        String requestURI = request.getRequestURI();
        //拦截的权限
        HttpSession session = request.getSession();
        Object obj = session.getAttribute("loginUser");
        if (obj!=null && obj instanceof User){
            //登录了，再判断权限
            User user = (User)obj;
            //拿到权限ID
            Integer permissionId = user.getRole().getPermissionId();
            /**
             * alluser
             * parentManager 家长管理（*）
             * studentManager 学生管理
             * Device 设备管理
             *
             * examManager考试管理（*）
             *
             * clazzManager 班级管理（*）
             * Classroom 教室管理
             *
             * teacherManager 教师管理（*）
             * bookManager 教材管理（*）
             * course 科目
             * grade 年级
             * clazz 教室
             *
             *
             * userManager 用户管理
             * roleManager 角色管理
             * permissionManager 权限管理
             */
            if (requestURI.startsWith("/html/examManager")){
                if (permissionId<=4){
                    return true;
                }else {
                    throw new PermissionException("权限不足");
                }
            }

            if (requestURI.startsWith("/html/Classroom")||requestURI.startsWith("/html/clazzManager")){
                if (permissionId<=3){
                    return true;
                }else {
                    throw new PermissionException("权限不足");
                }
            }

            if (requestURI.startsWith("/html/clazz")||requestURI.startsWith("/html/grade")||requestURI.startsWith("/html/course")||requestURI.startsWith("/html/bookManager")||requestURI.startsWith("/html/teacherManager")){
                if (permissionId<=2){
                    return true;
                }else {
                    throw new PermissionException("权限不足");
                }
            }

            if (requestURI.startsWith("/html/permissionManager")||requestURI.startsWith("/html/roleManager")||requestURI.startsWith("/html/userManager")){
                if (permissionId==1){
                    return true;
                }else {
                    throw new PermissionException("权限不足");
                }
            }
            if(requestURI.startsWith("/introduction/insertPic")||requestURI.startsWith("/introduction/deletePic")||requestURI.startsWith("/introduction/updatePic")){
                if (permissionId<=2){
                    return true;
                }else {
                    throw new PermissionException("权限不足");
                }
            }

        }
        //都不符合就放行
        return true;
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {

    }
}
